WinAntiRansom Access History

The File/Folder Access History Page contains a list of the last 500 file/folder accesses by programs that are not allowed to access your SafeZone. We do not show allowed programs, because they are trusted and therefore we do not spend the system resources to monitor those programs.

What good is this data?

Simple, it allows you to see what programs are doing and which files they access. If in doubt about allowing a program, watch what it does on this page for a while. If it isn’t doing anything strange, you may have the feedback you need to allow it.

The data

    • When: Contains the timestamp when the file/folder access took place.
    • File Accessed: This column contains either the folder or file accessed by the program.
    • Program: This is name of the program accessing the file/folder.
    • Path: Is the fully qualified path to  the program above. you see this icon you know the manufacturer took the time to sign the file.

By default, this data is sorted by When descending, so that most recent access is always at the top of the list.


Details provides you with a plethora of information about the selected program.

You can see % of users who allow and who block the program. In this case, we have very little data about this program so the percentages are still unknown.

You can see details about the program, including size, version, signature, MD5, SHA256 (SHA what? MD5 and SHA256 are useful for technical look-ups of the file in question) and more importantly other programs sharing the same signature.

From this screen you can view PLUS Info, the Microsoft Properties page, Allow or Block the individual program of all programs sharing this signature.

If you’re confused about a file, open this tab. It will help.


Are you familiar with the Windows Properties page?

If so, you can access it from here.

If not, give it a click. The Properties page provides you with even more information about a particular file.

Some would say it is for more technical users, but you can’t hurt anything by opening it up, looking around and then clicking Cancel to close it.


Allow Program

Lets say based on your observations you want to allow this program.

Easy, click the “Allow Program” button in the menu. That’s it. The program is now allowed across the board.

Oh, and if you make a mistake and allow the wrong program… No big deal, the Program Configuration Page allows you to disallow any program you like simply by highlighting an item and selecting “Block”.

Allow Folder

This is useful when you have programs that dynamically download content and then run it out of temporary or “user” folders. This is important enough of a feature that we also make this available on all “Action” pages so that you can add the folder in question without even having to navigate to that folder.
In a typical case, a program may download content to a folder like C:\users\Test\AppData\Local\Company\versionx\program.exe, with the folder changing with each version.

In this case, you should allow C:\Users\Test\AppData\Local\Company\, this will effectively allow all programs in the folders beneath.

We don’t really like this feature, but it is a necessary evil due to the seemingly endless ways  programs are allowed to be stored and run in Windows.

Edit Folders…

This dialog allows yAllowedFoldersou to edit allowed folders. The example above is a perfect example of why you would want to edit an allowed folder.

The program folder that is associated with the program is:


However, the last folder in this path “versionx” is dynamic, changing with each release. Therefore, when you allow the folder you should then edit that allowed folder and remove “versionx” from the end of it to ensure all future releases are allowed. You will edit the path so that it is this:


Allow by Signature

What does that even mean?
Actually this is quite simple. What allow by signature does is take the currently highlighted programs code signing certificate and then allows all programs signed with the same code signing certificate.

OK? What? Try that again…

This is useful after installing a new application or installing a new printer or other hardware that installs a user interface, update programs or other needed programs. Typically all of those programs are signed with the same code signing certificate, therefore by allowing the one certificate you are allowing all of the programs with a single click.

Remove All Data

Is this screen full of old entries or things you don’t care about?

If so, then simply click on Remove All Data and WAR will remove all of the data from the screen. Nothing is removed from your actual computer, we simply remove the data from this one screen.

What does "Anonymous License" mean?

Anonymous License

Simple. We don't know who you are and we don't care. We simply want to provide you with a great product at a great price. Like walking into a store with cash in your pocket and walking out with what you want.

When you purchase our products, our cart processors need to request enough information to process the order and to meet tax regulations.

We DO NOT receive ANY personal information, including your email address, domicile address, or even country of purchase. Our cart processors simply ask us to give them a license to send to you in exchange for processing the order.

This means unlike companies like Facebook, Google, Apple, most security products and most other companies on the Internet, we don't track you in the name of "marketing".

  • We don't collect your information.
  • We don't sell your information.
  • We don't give your information away.

We respect your privacy.